EXPERT
OPINION
Ransomware:
Here today,
here tomorrow
Cybercriminals do not take a break when a pandemic
hits, and with many networks increasingly vulnerable
as more people work from home, now is the time to
try and avert threats. Derek Manky, Chief Security
Insights and Global Threat Alliances, Fortinet,
explains how to improve your cybersecurity.
Derek Manky, Chief Security
Insights and Global Threat
Alliances, Fortinet
ith all our energy
W
of the past several
weeks focused
on adapting to
the global crisis,
security may
have taken a
back seat. But cybercriminals haven’t
forgotten. Networks have been turned
inside out and they have been very
actively targeting remote workers that
used to be protected by the network
perimeter with fake COVID-19-related
material and other social networking
attacks. And they have been probing
these new network environments for
vulnerabilities in the hope that they may
have been pulled together too quickly
to have implemented adequate security
protections and controls.
FortiGuard Labs has been actively
monitoring the threat landscape during
this time and we have seen a significant
increase in threats targeting individuals
through phishing and infected websites.
Email attachments containing infected
and malicious content explains why we
recorded a 131% increase in viruses
during March of this year. It also
explains why we have seen a reduction
in traditional attacks as cybercriminals
shift focus. Incidents of ransomware are
likely to rise as cybercriminals look to
use compromised end-user devices as
a conduit back into a core network, that
may not be being watched as carefully
as it once was. We take a close look
at the level of threat that ransomware
poses and what organisations should
do about it now, while their networks are
still in a state of flux.
The ransomware landscape today
Among the types of attacks that keep
security professionals up at night is
ransomware, and the threat shows no
signs of slowing down. When it comes to
defending against ransomware, security
tools are only as good as the team
that manages them. Everything from
configuration errors to solution sprawl
can weaken the power of enterprise
cybersecurity defences to detect
and prevent cyberattacks. However,
especially when it comes to ransomware,
the biggest problem is the human factor.
Why cyberhygiene and the ‘human
factor’ continue to be primary
concerns for ransomware
When it comes to cyberhygiene,
awareness is not the problem – it
is rooted in human behaviour. But
awareness and action are two very
different things. In addition to broad
brush attacks that target everyone,
emails are being cleverly written to
target specific types of individuals at an
organisation, either directly or through
www.intelligentciso.com | Issue 28
41